Windows DNS server RPC management interface buffer overflow

2007-04-16T00:00:00
ID SAINT:B2660CE062984A807CAD18707B2DF54E
Type saint
Reporter SAINT Corporation
Modified 2007-04-16T00:00:00

Description

Added: 04/16/2007
CVE: CVE-2007-1748
BID: 23470
OSVDB: 34100

Background

The Windows DNS service runs an RPC management interface which listens on a dynamically assigned TCP port.

Problem

A buffer overflow vulnerability in the Windows DNS service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request to the management interface port.

Resolution

See Microsoft Security Advisory 935964 for information on available updates and workarounds.

References

<http://www.us-cert.gov/cas/techalerts/TA07-103A.html>

Limitations

Exploit works on Windows 2000 SP0 to SP4 and Windows Server 2003 SP1 and SP2.

Platforms

Windows 2000
Windows Server 2003